Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/dS0rJYUiowSGNbumEYvnrOt0aao.roa
File: dS0rJYUiowSGNbumEYvnrOt0aao.roa (raw, json)
Hash identifier: 4OhflBXxwKZtv5Zy3Mph2nLkITQOyf0BjWrq7VcE1zE=
Subject key identifier: 75:2D:2B:25:85:22:A3:04:86:35:BB:A6:11:8B:E7:AC:EB:74:69:AA
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 018A8ED0E83E6D17321AFA9F95999389F117
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/dS0rJYUiowSGNbumEYvnrOt0aao.roa
Signing time: Wed 13 Sep 2023 13:52:50 +0000
ROA not before: Wed 13 Sep 2023 13:52:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39312
IP address blocks: 195.90.110.0/23 maxlen: 23
2a05:da80:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:d0:e8:3e:6d:17:32:1a:fa:9f:95:99:93:89:f1:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Sep 13 13:52:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=752d2b258522a3048635bba6118be7aceb7469aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ef:2f:dd:06:01:e0:9f:9e:f3:da:a0:8d:7f:
a1:65:3d:15:73:d5:7e:24:0a:23:07:8c:6d:c4:03:
51:a4:63:84:cd:15:60:d7:e1:74:aa:c0:55:c9:c9:
ad:1a:17:a8:2f:47:01:b5:fd:c0:b3:9d:6e:c3:53:
04:ba:8f:8d:33:db:72:be:c1:bf:1b:fc:a5:e4:fa:
c7:14:a7:13:65:93:70:4f:bd:1e:38:0d:f7:ff:3d:
da:40:c0:20:d2:b4:80:ba:6d:52:f4:8d:fb:5e:cc:
45:40:97:dd:c6:ae:d7:73:c8:83:e9:c4:3c:b6:57:
ee:33:d7:63:d8:07:df:40:f3:95:48:11:b3:26:bf:
49:01:78:2e:9a:e8:cc:e6:51:f9:4b:da:7f:eb:d5:
58:60:0e:bf:a3:a5:47:6f:61:c6:77:ef:3d:9e:cb:
16:2c:9a:21:d4:b1:a5:e3:7a:39:18:06:e0:0d:46:
f6:84:4a:2d:4b:4c:3e:1e:30:55:1d:49:11:be:32:
16:de:3f:8a:f9:d2:36:3c:a7:98:ce:d5:dd:70:e7:
fe:c0:c0:af:db:76:18:45:a5:c5:61:80:28:47:3b:
ea:5c:43:c1:ed:92:66:73:43:93:80:db:5d:a6:1a:
12:84:4b:08:c3:e5:e0:c2:53:7d:ff:38:5d:ad:13:
8a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:2D:2B:25:85:22:A3:04:86:35:BB:A6:11:8B:E7:AC:EB:74:69:AA
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/dS0rJYUiowSGNbumEYvnrOt0aao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.110.0/23
IPv6:
2a05:da80:2000::/40
Signature Algorithm: sha256WithRSAEncryption
81:e0:fb:94:9f:e7:57:0c:33:a3:d2:6b:3e:d3:a4:db:42:ef:
fb:7d:7f:68:a5:3a:67:4d:84:4e:ab:66:60:16:67:b7:ee:dd:
c1:a9:40:2e:63:f1:9c:7d:3b:00:16:06:e9:6f:5f:c7:de:70:
33:8d:79:76:04:d5:7d:1c:31:16:70:0b:dc:03:4d:56:e7:65:
09:8c:e5:70:38:fd:6e:3c:c1:da:75:e3:71:43:e2:c3:f1:70:
6b:85:18:a9:33:76:11:08:28:ee:2e:56:88:60:07:42:8f:8f:
33:8c:00:00:4a:b4:5a:50:ac:76:74:34:2e:94:7b:33:9e:11:
68:60:34:95:38:00:f0:2c:32:43:65:b2:64:30:ef:66:77:07:
d2:24:5d:99:38:d7:95:5d:d7:f8:7d:a0:e7:be:41:40:ad:2c:
c8:97:1a:ff:2e:b2:c0:50:c9:ad:9e:7d:48:f9:93:45:69:f2:
2e:46:34:b5:c2:12:eb:9e:2d:e8:61:5d:25:d2:24:17:08:9f:
cc:2a:bf:25:da:35:6e:c1:88:cd:bc:0d:50:6d:e6:f1:24:3c:
fc:28:43:0d:3e:d6:a1:6a:8a:7f:09:82:cf:8d:23:29:59:16:
c2:72:c8:d2:0f:0a:61:62:a1:1e:f2:08:3c:08:be:5c:51:a3:
50:e2:be:29
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYqO0Og+bRcyGvqflZmTifEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjMwOTEzMTM1MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTJkMmIyNTg1MjJhMzA0ODYzNWJiYTYxMThiZTdhY2ViNzQ2OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou8v3QYB4J+e89qgjX+hZT0Vc9V+
JAojB4xtxANRpGOEzRVg1+F0qsBVycmtGheoL0cBtf3As51uw1MEuo+NM9tyvsG/
G/yl5PrHFKcTZZNwT70eOA33/z3aQMAg0rSAum1S9I37XsxFQJfdxq7Xc8iD6cQ8
tlfuM9dj2AffQPOVSBGzJr9JAXgumujM5lH5S9p/69VYYA6/o6VHb2HGd+89nssW
LJoh1LGl43o5GAbgDUb2hEotS0w+HjBVHUkRvjIW3j+K+dI2PKeYztXdcOf+wMCv
23YYRaXFYYAoRzvqXEPB7ZJmc0OTgNtdphoShEsIw+XgwlN9/zhdrROKuwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHUtKyWFIqMEhjW7phGL56zrdGmqMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvZFMwckpZVWlvd1NHTmJ1bUVZdm5yT3QwYWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBw1puMA4E
AgACMAgDBgAqBdqAIDANBgkqhkiG9w0BAQsFAAOCAQEAgeD7lJ/nVwwzo9JrPtOk
20Lv+31/aKU6Z02ETqtmYBZnt+7dwalALmPxnH07ABYG6W9fx95wM415dgTVfRwx
FnAL3ANNVudlCYzlcDj9bjzB2nXjcUPiw/Fwa4UYqTN2EQgo7i5WiGAHQo+PM4wA
AEq0WlCsdnQ0LpR7M54RaGA0lTgA8CwyQ2WyZDDvZncH0iRdmTjXlV3X+H2g575B
QK0syJca/y6ywFDJrZ59SPmTRWnyLkY0tcIS654t6GFdJdIkFwifzCq/Jdo1bsGI
zbwNUG3m8SQ8/ChDDT7WoWqKfwmCz40jKVkWwnLI0g8KYWKhHvIIPAi+XFGjUOK+
KQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org